Re: [Exim] a spammer

Top Page
Delete this message
Reply to this message
Author: Peter Radcliffe
Date:  
To: exim-users
Subject: Re: [Exim] a spammer
Dennis Taylor <ismgr@???> probably said:
> A significant amount of spam comes from email addresses with domains like
> "2die4.com", "myself.com", "soon.com", and other idiotic names. These are
> all owned by inamecorp.com and serviced by their DNS servers (165.251.1.2
> and .3). Smtp rejects always go to mail-intake-1.iname.net, where they're
> rejected.


This probably means that they're not real accounts, spammers make up
random addresses to use as the sender address on their spam and
because mail.com (nee iname) have _so_ many domains it'll be fairly
likely that these random domains are registered to them.

Part of mail.com's business is having all these domains so their users
can pick their address from them.

> What I'm wondering is, is there a way to A) detect that an incoming 'from'
> address is served by the spamcorp dns servers, and reject it? and B) send
> the reject straight to the inamecorp.com postmaster?


I would strongly advise against doing that, especially the latter.
You could legitimately be accused of spamming _them_, since they
probably have nothing to do with 90% of the mail you get.

P.

-- 
pir                  pir@???                    pir@???